After scanning through our code using Acunetix for vulnerabilities, we had an issue with the following script, which said:
"An HTTP request was initiated for the domain hit0yPI7kOCzl.bxss.me which indicates that this script is vulnerable to SSRF (Server Side Request Forgery)."
How can I prevent this?
<?php
// Takes the target URL straight from the query string; strip_tags() only removes HTML tags,
// it does not restrict where the URL points.
$filename = strip_tags($_GET['url']);

// The only validation: the first four characters must be "http". Anything that follows
// (any host, any port, any path) is accepted, which is what the scanner exercised.
if (substr($filename, 0, 4) !== 'http') {
    die("Need a valid URL...");
}

// The response Content-Type is chosen from the URL's extension, not from the fetched bytes.
$ext = pathinfo($filename, PATHINFO_EXTENSION);
switch ($ext) {
    case "gif":
        header('Content-Type: image/gif');
        readfile($filename);   // fetches the remote URL server-side and streams it back
        break;
    case "png":
        header('Content-Type: image/png');
        readfile($filename);
        break;
    case "jpg":
    default:
        header('Content-Type: image/jpeg');
        readfile($filename);
        break;
}
?>
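The script above lets the server fetch whatever URL a client names, so long as it starts with "http" (this is the callback to bxss.me that Acunetix observed). A hardened replacement, added here as an illustration and not taken from the question or from any answer on the page, restricts the scheme and host, checks what the host resolves to, pins that address for the fetch, refuses redirects and oversized bodies, and derives the Content-Type from the bytes rather than the extension. The host names in ALLOWED_HOSTS, the size limit and the timeouts are placeholder assumptions; it relies on the curl and fileinfo extensions.

```php
<?php
declare(strict_types=1);

// Hypothetical allowlist: the only hosts this endpoint may proxy images from (edit for your site).
const ALLOWED_HOSTS = ['images.example.com', 'cdn.example.net'];
const MAX_BYTES     = 5 * 1024 * 1024;                    // assumed limit: refuse bodies over 5 MiB
const ALLOWED_TYPES = ['image/gif', 'image/png', 'image/jpeg'];

// Reject loopback, link-local, private and reserved addresses (IPv4 and IPv6).
function isPublicIp(string $ip): bool
{
    return filter_var($ip, FILTER_VALIDATE_IP,
        FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false;
}

// Validate the URL and return [host, port, resolvedIp]; throws on anything suspicious.
function checkImageUrl(string $url): array
{
    $p = parse_url($url);
    if ($p === false || !isset($p['scheme'], $p['host'])) {
        throw new InvalidArgumentException('Malformed URL');
    }
    $scheme = strtolower($p['scheme']);
    if (!in_array($scheme, ['http', 'https'], true)) {   // blocks file://, php://, gopher://, ...
        throw new InvalidArgumentException('Only http/https URLs are allowed');
    }
    if (isset($p['user']) || isset($p['pass'])) {
        throw new InvalidArgumentException('Credentials in the URL are not allowed');
    }
    $host = strtolower($p['host']);
    if (!in_array($host, ALLOWED_HOSTS, true)) {
        throw new InvalidArgumentException('Host is not on the allowlist');
    }
    $port = $p['port'] ?? ($scheme === 'https' ? 443 : 80);

    // Resolve once, check the answer, and pin it for the fetch so a second lookup with a
    // different answer (DNS rebinding) cannot redirect the request. A records only here;
    // extend to DNS_AAAA if your allowlisted hosts are IPv6-only.
    $records = dns_get_record($host, DNS_A);
    if ($records === false || $records === []) {
        throw new RuntimeException('Host does not resolve');
    }
    foreach ($records as $r) {
        if (!isPublicIp($r['ip'])) {
            throw new RuntimeException('Host resolves to a non-public address');
        }
    }
    return [$host, $port, $records[0]['ip']];
}

// Fetch the body with the resolved address pinned, no redirects, bounded time and size.
function fetchImage(string $url, string $host, int $port, string $ip): string
{
    $body = '';
    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_RESOLVE        => ["$host:$port:$ip"],
        CURLOPT_PROTOCOLS      => CURLPROTO_HTTP | CURLPROTO_HTTPS,
        CURLOPT_FOLLOWLOCATION => false,      // a redirect could point at an internal host
        CURLOPT_CONNECTTIMEOUT => 3,
        CURLOPT_TIMEOUT        => 10,
        CURLOPT_USERAGENT      => 'image-proxy/1.0',
        CURLOPT_WRITEFUNCTION  => function ($ch, string $chunk) use (&$body): int {
            $body .= $chunk;
            // Returning a length other than strlen($chunk) makes curl abort the transfer.
            return strlen($body) > MAX_BYTES ? 0 : strlen($chunk);
        },
    ]);
    $ok     = curl_exec($ch);
    $status = curl_getinfo($ch, CURLINFO_RESPONSE_CODE);
    curl_close($ch);
    if ($ok === false || $status !== 200) {
        throw new RuntimeException('Upstream fetch failed');
    }
    return $body;
}

$url = (string) ($_GET['url'] ?? '');
try {
    [$host, $port, $ip] = checkImageUrl($url);
    $data = fetchImage($url, $host, $port, $ip);
} catch (Throwable $e) {
    http_response_code(400);
    exit('Need a valid image URL');   // keep $e->getMessage() in the server log, not the response
}

// Decide the Content-Type from the bytes, never from the URL's extension.
$mime = (new finfo(FILEINFO_MIME_TYPE))->buffer($data);
if (!in_array($mime, ALLOWED_TYPES, true)) {
    http_response_code(415);
    exit('Not an image');
}
header('Content-Type: ' . $mime);
header('X-Content-Type-Options: nosniff');
header('Content-Length: ' . (string) strlen($data));
echo $data;
```

The host allowlist is what actually closes the finding; the resolution check and CURLOPT_RESOLVE pinning are defense in depth for the case where an allowlisted name is later pointed at an internal address. If the application genuinely needs to fetch from arbitrary hosts, drop the allowlist but keep every other check, and expect the scanner to still flag the endpoint as an outbound-request proxy.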